-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Robert J. Hansen escribió: > Faramir wrote: >> If he is using ftp to upload the files... standard ftp sends username >> and password unencrypted... so it could be sniffed... ... > telnet and ftp are antique protocols that have much better replacements > available to them. ssh, scp and sftp are all in common usage nowadays. > Anyone who uses telnet or ftp for any kind of sensitive information is > living dangerously by deliberate choice.
Some servers are hard to configure to use sftp (if possible at all)... as an example, a friend of me asked me to enable SSL in his server (I am not sure if it is a virtual server or just a virtualhost, but I am sure it has shared IP). When I tried to install the certificate... I realized it couldn't be done without having to pay an extra monthly fee to get our own IP. Without it, we are stuck to the "common" certificate extended to all the hosts in that IP, and I am not sure if it is trustworth at all... so sometimes, it's not by choice... or because they don't know how to configure these services. About what is "sensitive information", some people have fun by stealing somebody's email and closing it... but of course if we talk about a file containing the credit card number of your customers, then that is info is worth hiring somebody to set up security before something bad happens... Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJIlq7uAAoJEMV4f6PvczxA8kgH/RETG81rnkAkAStQI9xyxd5x EmKpNDvoVxyxNh1weOhbZ/ehjNsWvfFXTgq5qj/MnuAmZffvGdKB11Dn6VETHMve UA65N+gB1/wAL0NSKuKDyYDMm3h1B/EIcO28sLe+M4sjakKTQq7RMvvoDIHEuJyx GXVHMJ4DKQVEnoMEAxq75qSI9LD0H5NSybPdhWCAQrnMUhRwp74h7RKjVp19n/Er jVzT/7fFplb6btCACmrIZIGenBxjCK4qka/nGNDxVMuVuJR5DzI/qBg44VZk92Wz /jMvzu1bWph8GdFkjWcTOXEXJEq/Ypwhg3Y56qxFnzTPVnDiANBBOQeHAwv+K4U= =qIVx -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
